bug#35787: 26.2; gnutls: accessing raw server certificate data

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#35787: 26.2; gnutls: accessing raw server certificate data

From:	Lars Ingebrigtsen
Subject:	bug#35787: 26.2; gnutls: accessing raw server certificate data
Date:	Tue, 09 Jul 2019 15:44:42 +0200
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux)

Julian Scheid <julians37@gmail.com> writes:

> So, to make this work it looks like I'd need either
>
> 1) the fingerprint, but using the hash function as required by the RFC, or
> 2) the certificate as a binary blob.

I think putting the signature itself in the process object (in addition
to all the details) makes some sense, but perhaps it's wastes
unnecessary memory...

There's gnutls-peer-status, and that could also be amended to return the
full certificate.  But, again, that's also called for virtually any TLS
connection.

Perhaps a new function to return the actual certificate?  And perhaps it
should just return the entire certificate chain?

Anybody got an opinion here?

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

[Prev in Thread]

Current Thread

[Next in Thread]

bug#35787: 26.2; gnutls: accessing raw server certificate data, Lars Ingebrigtsen, 2019/07/08
- bug#35787: 26.2; gnutls: accessing raw server certificate data, Julian Scheid, 2019/07/09
  - bug#35787: 26.2; gnutls: accessing raw server certificate data, Lars Ingebrigtsen <=

Prev by Date: bug#35407: HAR files should be treated as JSON and opened in JavaScript mode
Next by Date: bug#35340: ffap: dired wildcards always needs a wildcard in the filename
Previous by thread: bug#35787: 26.2; gnutls: accessing raw server certificate data
Next by thread: bug#35651: 26.2; doc of `delimit-columns-*' commands
Index(es):
- Date
- Thread